CVE-2006-4527

CVE-2006-4527 · LOW Severity

AV:N/AC:H/AU:N/C:N/I:P/A:N

includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when magic_quotes_gpc is disabled, uses an insufficiently restrictive regular expression to validate the gateway parameter, which allows remote attackers to conduct PHP remote file inclusion attacks.

Learn more about our Web Application Penetration Testing UK.